APIStrong provides API Threat Protection to save your API from attacks. To apply threat protection to your API, you have two options either you can apply threat protection at complete project level or at individual API level.
Applying at project level make sure all APIs from given project are protected with defined criteria Vs individual level only current API is validated.
click on the Threat Protection from the top navigation. Select Project to which you want to apply for threat protection. Apply the threat protection assertion of your choice.
We provide the following type of threat protection.
IP Address Range
Message Size Limit
Code Injection Protection
SQL Injection Protection
JSON Document Structure
Gateway Exposed URL
Your all threat protection assertion is applicable to your API when you hit Gateway Exposed URL. For normal API hits, they won’t be applicable.
Note: All same URLs with different HTTP types will have the same threat protection assertion. If Assertion type or values change for any API URL, it will be applicable for all other same URLs having different HTTP types.